SolarWinds says two security updates protect against 'Sunburst' attacks as well as more recently discovered 'Supernova' malware
News security
Ransomware Group Threatens To Release Hospital Patient Photos
Hacking group REvil threatens to release 900GB of before-and-after photos of cosmetic surgery patients unless ransom is paid
NCSC Probes UK Fallout Of Massive Hacking Campaign
UK authorities investigate impact on British public and private-sector organisations from allegedly Russian cyber-espionage attack that went on for months
Specops Software – Password Security: How to Use the NCSC Password List in Your Active Directory
How strong is your business’s password security? Learn how including the NCSC Password List in Your Active Directory can have a dramatic positive impact on your password security
Disruption Continues Two Weeks After Manchester United Cyber-Attack
Manchester United has confirmed it was struck by a 'sophisticated' cyber-attack but declined to comment on reported ransom demands
Twitter Appoints Famed Hacker As Security Head
Peiter Zatko, otherwise known by hacker handle 'Mudge' will report directly to CEO Jack Dorsey after conducting review of Twitter operations
Pandemic To Redefine Security Landscape Next Year, Researchers Say
Covid-19 likely to have widespread effects on security priorities, as companies shift to remote working and hackers focus on sensitive biotech data
Microsoft Warns Of Russia, North Korea Attacks On Vaccine Research
Russia and North Korea carrying out cyber-attacks on pharmaceuticals companies and researchers involved in coronavirus vaccine research, Microsoft says
Capcom Latest Multinational To Be Hit By Disruptive Cyber-Attack
Resident Evil and Street Fighter maker Capcom hit by attack that disrupts internal systems, while researchers say Ragnar Locker ransomware group is to blame
Google Discloses Unpatched Windows Bug Under Active Exploitation
Google's Project Zero publishes details and exploit code for unpatched Windows kernel bug it says is being actively used in targeted attacks
Google Discloses Biggest-Ever DDoS Attack
Google says it successfully fended off a 2.5 Tbps denial-of-service attack in 2017, making it the biggest such attack to date
Microsoft Issues Two Emergency Windows Patches
Microsoft publishes out-of-band patches for bugs in Visual Studio Code and Windows Codecs Library that could allow attackers to take over a system
‘Taurus’ Malicious Ad Campaign Puts Data At Risk
Drive-by hacking tools plant Taurus data-stealing malware on vulnerable systems, as pandemic raises risk of corporate data being stolen from home computers
Amazon’s Flying Home Security Camera Sparks Privacy Debate
Always Home Cam drone from Amazon subsidiary Ring is designed to fly around homes to offer 'peace of mind', but critics say it invades privacy
Twitter Adds Extra Security Ahead Of US Election
Twitter adds mandatory additional security measures to prominent political accounts ahead of US presidential election, following high-profile July hack
Warner Music Warns Of Three-Month Payment Card Hack
Attackers made off with full payment card details from Warner Music Group e-commerce sites from April to August of this year, company tells customers
Npm Removes Data Theft Code
Popular JavaScript developer tool removes malicious package that tried to steal data, in latest attack on software supply chain
Researchers Uncover Stuxnet-Style Flaw In Windows
The zero-day vulnerability affects the same Windows component used by Stuxnet to attack critical infrastructure when it was first appeared 10 years ago
Facebook Open Sources Python Code Check Tool
Pysa static analysis tool, developed to find security bugs in Instagram's huge codebase, can now be used to help secure other developers' Python code
Bognor Regis Man Arrested Over Major Twitter Hack
Man arrested in Bognor Regis along with two others in Florida over hack that compromised dozens of prominent Twitter accounts to spread Bitcoin scam
EU’s First Cyber-Warfare Sanctions Target Russia, China, North Korea
EU imposes asset freeze and travel ban on individuals and organisations from three countries over destructive cyber-attacks carried out in the past decade
Linux Foundation Planning Kubernetes Security Certification
Linux Foundation and Cloud Native Computing Foundation set to offer certification for Kubernetes security specialists as demand for cloud hardening soars
Cloud Services Firm Stops Ransomware Attack, But Pays Anyway
Nonprofit technology supplier Blackbaud stops ransomware attack from encrypting files, but pays to ensure attackers delete stolen customer information
German Court Strikes Down Telecoms Data Access Law
Current laws give security services 'excessive' access to citizens' data, finds top court, giving government until end of 2021 to bring in higher thresholds
Microsoft Project Freta Looks To Eradicate Undetected Malware
Demonstration technology carries out offline sweeps of Linux virtual machine snapshots at large scale to help organisations root out in-memory malware
‘BlueLeaks’ Hacked US Police Data Removed In German Takedown
Zwickau public prosecutor confiscates server used to distribute hundreds of gigabytes of data hacked from police forces across the US
Apple Reconfigures Macs To Block Adware
Apple will no longer allow user profiles to be installed on Macs without user interaction, in move targeting 'plague of adware'
F5 Networks Warns Of Critical Security Flaw In Networking Devices
F5 says BIG-IP application delivery controllers used on many corporate and government networks are vulnerable to takeover by remote attackers
Thanos Ransomware Adds New Features
Rapid evolution of Thanos ransomware-as-a-service, along with high-end attacks, indicate evolving threat as criminals seek to monetise organisations' data
US Police Forces Hit By Huge Data Breach
Activist hackers release 24 years' worth of data from hundreds of police forces in move timed to coincide with protests against police brutality and racism